Chapter 9 Review Question Answers

  1. A RADIUS authentication server requires that the _____ be authenticated first.
     1. authentication server
     2. supplicant
     3. authenticator
     4. user
  2. Each of the following makes up the AAA elements in network security except ______.
     1. controlling access to network resources (authentication)
     2. enforcing security policies (authorization)
     3. determining user need (analyzing)
     4. auditing usage (accounting)
  3. With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
     1. RDAP
     2. DAP
     3. RADIUS
     4. AAA
  4. _____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
     1. IEEE 802.1x
     2. RADIUS
     3. Kerberos
     4. LDAP
  5. The version of the X.500 standard that runs on a personal computer over TCP/IP is _____.
     1. DAP
     2. LDAP
     3. IEEE X.501
     4. Lite RDAP
  6. A user entering her username would correspond to the _____ action in access control.
     1. authentication
     2. identification
     3. authorization
     4. access
  7. A process functioning on behalf of the user that attempts to access a file is known as a(n) ______.
     1. object
     2. subject
     3. resource
     4. operation check
  8. The individual who periodically reviews security settings and maintains records of access by users is called the _____.
     1. supervisor
     2. owner
     3. custodian
     4. manager
  9. In the _____ model, the end user cannot change any security settings.
     1. Discretionary Access Control
     2. Security Access Control
     3. Mandatory Access Control
     4. Restricted Access Control
  10. Rule Based Access Control _____.
     1. is considered obsolete today
     2. dynamically assigns roles to subjects based on rules
     3. is considered a real-world approach by linking a user’s job function with security
     4. requires that a custodian set all rules
  11. Separation of duties requires that _____.
     1. processes should be divided between two or more individuals
     2. end users cannot set security for themselves
     3. managers must monitor owners for security purposes
     4. jobs be rotated among different individuals
  12. _____ in access control means that if a condition is not explicitly met then access is to be rejected.
     1. Denial of duties
     2. Implicit deny
     3. Explicit rejection
     4. Prevention control
  13. A(n) _____ is a set of permissions that is attached to an object.
     1. access control list (ACL)
     2. Subject Access Entity (SAE)
     3. object modifier
     4. security entry designator
  14. _____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
     1. Windows Register Settings
     2. Group Policy
     3. Resource Allocation Entities
     4. AD Management Services (ADMS)
  15. A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
     1. SQL/LDAP insert attack
     2. modified Trojan attack
     3. LDAP injection attack
     4. RBASE plug-in attack
  16. The least restrictive access control model is _____.
     1. Role Based Access Control (RBAC)
     2. Mandatory Access Control (MAC)
     3. Discretionary Access Control (DAC)
     4. Rule Based Access Control (RBAC)
  17. The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
     1. Enterprise Security
     2. least privilege
     3. deny all
     4. Mandatory Limitations
  18. A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
     1. owner
     2. custodian
     3. end user
     4. administrator
  19. In the Mandatory Access Control (MAC) model, every subject and object _____.
     1. is restricted and cannot be accessed
     2. is assigned a label
     3. can be changed by the owner
     4. must be given a number from 200–900
  20. A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
     1. orphaned
     2. limbo
     3. static
     4. dormant